On 2016-05-24 15:30, Michael Wise via mailop wrote:
If someone has a better idea how to keep mailinglist software like MailMan from
being co-opted into such an attack, I would LOVE to hear it.
I think the obvious approach would be to move back to
listname-subscr...@example.com requests, but r
On 2016-05-24 15:17, Jay Hennigan wrote:
On 5/24/16 12:26 PM, Michael Wise wrote:
We're still seeing cases where a malicious actor, typically in
Eastern Europe, will try and sign up a target email address for
thousands of lists all at once, flooding their mailbox with
confirmation traffic ,
You might want to checkout e-hawk.net as Franck suggested. Or checkout others
in area.
> On May 24, 2016, at 9:53 PM, Robert Mueller wrote:
>
>
>> I wonder what the point is. How does the bad guy monetize it, or is it a
>> coordinated attack against a specific victim? What other nefarious
>
> I wonder what the point is. How does the bad guy monetize it, or is it a
> coordinated attack against a specific victim? What other nefarious
> issues? Making the address useless or burying some other mail in the
> midst of the junk would seem to be a possibility.
>
> If an attack against a
On Tue, May 24, 2016 at 6:21 PM, Frank Bulk wrote:
> We saw a few messages backed up with our email server logging these items:
> Site yahoo.com (63.250.192.46) said in response to MAIL FROM (451
> 4.3.2 Internal error reading data)
> Site yahoo.com (98.136.216.25) said after data
We saw a few messages backed up with our email server logging these items:
Site yahoo.com (63.250.192.46) said in response to MAIL FROM (451
4.3.2 Internal error reading data)
Site yahoo.com (98.136.216.25) said after data sent: 451 Resources
temporarily not available - Please try a
I suspect it's the hiding angle, but it's hard to tell.
It does seem to be someone offering a, "Service" out of Eastern Europe.
If the lists were unconfirmed, we'd block them; so the attack needs to use
confirmed lists, and just bombard the target with what is, at least in theory,
unblockable tra
On 5/24/16 12:26 PM, Michael Wise wrote:
We're still seeing cases where a malicious actor, typically in Eastern Europe,
will try and sign up a target email address for thousands of lists all at once,
flooding their mailbox with confirmation traffic , perhaps to hide some other
nefarious issue
You definitely need anti-bot protection because currently you produce
bounce SPAM and may be used for targeted SPAM / DDoS, especially if you
reflect some user input (e.g. First name / last name). Currently, bots
of this kind do not bother to emulate user behavior and checking user
have visited fo
We're still seeing cases where a malicious actor, typically in Eastern Europe,
will try and sign up a target email address for thousands of lists all at once,
flooding their mailbox with confirmation traffic , perhaps to hide some other
nefarious issues.
If we could standardize the confirmatio
On 5/24/16 10:17 AM, Vick Khera wrote:
As an ESP, we host mailing list signup forms for many customers. Of
late, it appears they have been getting pounded on with fraudulent
signups for real addresses. Sometimes the people confirm by clicking the
confirmation link in the message and we are left s
Not new story, people have devised systems to avoid the creation of such
accounts:
http://bits.blogs.nytimes.com/2013/04/05/fake-twitter-followers-becomes-multimillion-dollar-business/?_r=0
You could for instance use data from http://www.e-hawk.net/ (I'm not
endorsing them, just a company that tri
Are these IP addresses on CBL?
Are these addresses in a larger pool, like a Nigerian coffee shop?
At some point, you should have a CAPTCHA, and also possibly a list of ranges of
known bad actors.
We’ve been so concerned about issues from bad IPs on port 25, that many of us
have neglected noticin
As an ESP, we host mailing list signup forms for many customers. Of late,
it appears they have been getting pounded on with fraudulent signups for
real addresses. Sometimes the people confirm by clicking the confirmation
link in the message and we are left scratching our heads as to why they
would
14 matches
Mail list logo
